[apparmor] PATCH [2/3] - report status changes
Jamie Strandboge
jamie at canonical.com
Thu Sep 9 17:20:19 BST 2010
On Thu, 2010-09-09 at 09:08 -0700, John Johansen wrote:
> This patch causes apparmor_notify to report status changes. I am actually
> not sure this one should be applied yet, as it feels like this should
> be an option.
>
> Index: utils/apparmor_notify
> ===================================================================
> --- utils.orig/apparmor_notify 2010-09-09 08:48:08.164193401 -0700
> +++ utils/apparmor_notify 2010-09-09 09:00:11.264193402 -0700
> @@ -230,7 +230,8 @@
> # ignore all but status and denied messages
> my $type = LibAppArmor::aa_log_record::swig_event_get($test);
>
> - $type == $LibAppArmor::AA_RECORD_DENIED or return ();
> + $type == $LibAppArmor::AA_RECORD_DENIED ||
> + $type == $LibAppArmor::AA_RECORD_STATUS or return ();
>
> my $profile = LibAppArmor::aa_log_record::swig_profile_get($test);
> my $operation = LibAppArmor::aa_log_record::swig_operation_get($test);
>
Well, this patch achieves what the comment says it does, but I removed
AA_RECORD_STATUS when developing this because I thought it was too noisy
and clearly didn't update the comment. I agree it could be configurable,
defaulting to 'no status'. I don't really feel status is hugely
interesting with the intent of what apparmor_notify is trying to do, but
I'd be happy to review a patch if someone was interested. NAK for now.
--
Jamie Strandboge | http://www.canonical.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
Url : https://lists.ubuntu.com/archives/apparmor/attachments/20100909/b6acdb90/attachment.pgp
More information about the AppArmor
mailing list